For if you are using a Flash-based uploader like Uploadify and Rails 3.

flash_session_cookie_middleware.rb

## Inside: app/middleware/flash_session_cookie_middleware.rb

require 'rack/utils'
 
class FlashSessionCookieMiddleware
  def initialize(app, session_key = '_session_id')
    @app = app
    @session_key = session_key
  end
 
  def call(env)
    if env['HTTP_USER_AGENT'] =~ /^(Adobe|Shockwave) Flash/
      params = ::Rack::Request.new(env).params
      env['HTTP_COOKIE'] = [ @session_key, params[@session_key] ].join('=').freeze unless params[@session_key].nil?
    end
    @app.call(env)
  end
end

session_store.rb

## Inside: config/initializers/session_store.rb

Rails.application.config.middleware.insert_before(
  ActionDispatch::Session::CookieStore,
  FlashSessionCookieMiddleware,
  Rails.application.config.session_options[:key]
)

Yeah -- please fork and pull request if you have any improvements. Figuring out how to solve this one fairly common problem takes waaaayyyy too much googling and I think some kind of group effort in the form of a gem would save a lot of hair pulling ;)

I agree. The thing is that the first Middleware snippet I found on someone's blog worked. Then I opened Internet Explorer (6, 7, 8) all died because it had some issue with the AuthenticityToken. Found another snippet, modified it and that appeared to work. Now you show me this gem and I just pulled my stuff out, added the gem to the Gemfile and voila. All browsers work!

I think this gem of yours will definitely help a lot of people and save them the hassle. It certainly motivates me to use this kind of uploader more in the future! Thanks again!

The gem is a big win, given the number of people doing this and because most of the documentation is still dealing with Rails 2.x. Good work, just need to find more ways to get the word out so nobody else has to mess with it.